In this article we interview Smart Technologies Limited’s Systems Architect Robert Azzopardi about the importance of proper protection measures to defend against current and future cyberthreats.
Cyber-challenges are becoming more frequent, diversified and sophisticated, revealing the weaknesses in many backup and cybersecurity solutions. What advice do you give to clients who are looking to safeguard their data and the wellbeing of their business in general?
The current scenario unfortunately remains characterised by cyberattacks, data leaks and ransomware outbreaks, revealing critical cybersecurity lacunae which can be traced back to weak technologies and human error. Of course, backup solutions are there to provide businesses with a safety net. However, at the same time, backup solutions can be compromised, disabled, or perform slowly, causing businesses to lose a lot of money due to downtime.
To solve these problems, we recommend integrated cyber protection solutions that combine antimalware, EDR, DLP, email security, vulnerability assessment, patch management, RMM, and backup capabilities into a single agent running under a family of Windows operating systems. This integration, found in solutions offered by top-end providers such as Acronis, lets you maintain optimal performance, eliminate compatibility issues, and ensure rapid recovery. If a threat is missed or detected while your data is being altered, the data will be restored from a backup immediately – because of its one agent, it would know that data was lost and needed to be restored. This wouldn’t be possible with an antimalware agent separate from a backup product with its own agent. Your antimalware solution may stop the threat, but some data may already be lost. A backup agent won‘t know about it automatically and, in the best-case scenario, data will be restored slowly, if at all.
Do you have any specific or practical tips on any preventive measures which can be taken, and what businesses should be looking out for?
First and foremost, I would say patch your OS and apps. A lot of attacks succeed due to unpatched vulnerabilities. By deploying all-in-one cyber-protection solutions like those mentioned above, you will be covered with embedded vulnerability assessment and patch management functionalities. Thanks to these kind of solutions, we can track all discovered vulnerabilities and released patches, and allow admins or technicians to easily patch all endpoints with a flexible configuration and detailed reporting. Be sure to patch high-severity vulnerabilities first and follow the success report to check that patches were applied properly. If you don‘t use any patch management software, things become much harder. At the very least, you will need to be sure that Windows gets all the updates it needs and that they are installed promptly. Users tend to ignore system messages, especially when Windows asks for a restart. This is a big mistake. Be sure that auto-updates to popular software vendors like Adobe are enabled and apps like PDF Reader are also updated promptly.
Secondly, be on the lookout for phishing attempts. Themed phishing and malicious websites appear in large numbers every day, and are typically filtered out at the browser level. However, with comprehensive cyber protection solutions you also gain dedicated URL filtering functionality. The same functionality is available in endpoint protection solutions. Remember that malicious links typically come from somewhere – your instant messenger, email, forum posts, etc. – don‘t click on links you don‘t need to, or that you don‘t expect to receive. Phishing or malicious-themed attachments can come through email, as can the malicious links covered above. And as regards attachments – always check where they really come from, and ask yourself whether you‘re expecting them or not. In any case, before you open any attachment, it should be scanned by your antimalware solution.
Finally, use a VPN while working with business data. Whether you connect to remote company sources and services, or even if your work doesn‘t require those activities and you usually just browse web resources and use telecommunication tools, always use a Virtual Private Network (VPN). If you have a VPN procedure in your company, most likely you will get instructions from your admin or MSP technician. If you have to secure your workplace yourself, use well-known recommended VPN apps and services that are widely available in software marketplaces, or
directly from vendors. A VPN encrypts all your traffic, making it secure in case a hacker attempts to capture your data in transit.
Many individuals and businesses believe that installing antimalware software is enough to protect themselves from cyber-threats. What is your advice in this regard?
Just having antimalware defense in place is not enough; software should be configured properly. This means that a full scan should be performed at least once every day, and that the product needs to get updates daily or hourly, depending on how often they are available. The product you use should also be connected to its cloud detection mechanisms. Although it is on by default, you need to be sure that the internet is available and not accidentally blocked for antimalware software. On-demand and on-access (real-time) scans should be enabled and react upon every new software installed or executed. Moreover, don‘t ignore messages coming from your antimalware solution. Read them carefully and be sure that the license is legitimate if you‘re using a paid version from a security vendor.
Much has been said about the importance of privacy in terms of passwords and workspace. Any advice on that score?
Nothing that hasn’t already been repeated many times before, but still critically relevant – keep your passwords – and your working space – to yourself. Make sure that your passwords and your employee passwords are strong and private. Never share passwords with anyone, and use different and long passwords for every service you use. To help you remember them, use password manager software. Alternatively, the easiest way to create strong passwords is through a set of long phrases you can remember. Eight character passwords are easily brute-forced nowadays. Furthermore, even when working from home, do not forget to lock your laptop or desktop and limit access to it. There have been many cases where people could simply steal sensitive information off a non-locked PC, even from a distance.
For more information or advice on how you can protect yourself – or your business – from cyberthreats, contact Robert Azzopardi directly at robert.azzopardi@stl.com.mt .
For information about Acronis’ all-in-one cyberprotection solutions visit https://www.stl.com.mt/acronis-about-page/
